TYPO3 News & Events Hub
What’s New & What’s Coming
Cross-Site Scripting in extension "Extension Kickstarter" (kickstarter)
It has been discovered that the extension "Extension Kickstarter" (kickstarter) is susceptible to Cross-Site Scripting.
Read moreMultiple vulnerabilities in extension "Fe user statistic" (festat)
It has been discovered that the extension "Fe user statistic" (festat) is susceptible to Cross-Site Scripting, Insecure Unserialize and Information Disclosure.
Cross-Site Scripting in extension "Google Sitemap" (enter_new_weeaar_googlesitemap)
It has been discovered that the extension "Google Sitemap" (enter_new_weeaar_googlesitemap) is susceptible to Cross-Site Scripting.
Cross-Site Scripting in extension "List frontend users" (listfeusers)
It has been discovered that the extension "List frontend users" (listfeusers) is susceptible to Cross-Site Scripting.
Information Disclosure in extension "UTOPIA" (ics_utopia)
It has been discovered that the extension "UTOPIA" (ics_utopia) is susceptible to Information Disclosure.
Farewell Carsten
Thursday, 25th of February 2016, Carsten Bleicker passed away
Denial of Service attack possibility in TYPO3 component Indexed Search
It has been discovered, that TYPO3 is susceptible to a Denial of Service attack.
Cross-Site Scripting in TYPO3 component CSS styled content
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
Cross-Site Scripting in TYPO3 component Backend
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting.
TYPO3 CMS 6.2.19 and 7.6.4 released
The TYPO3 Community announces the versions 6.2.19 LTS and 7.6.4 LTS of the TYPO3 Enterprise Content Management System.
XML External Entity (XXE) Processing in TYPO3 Core
It has been discovered, that TYPO3 is susceptible to XML External Entity Processing
This Week in TYPO3 (2016, Week 6)
A special on TYPO3 documentation infrastructure, certification, T3Rookies Summer Camp 2016, TYPO3 usergroup India and bootup-camps gaining popularity! All things TYPO3 community!
Cross-Site Scripting in form component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
Cross-Site Scripting in legacy form component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
Cross-Site Scripting in link validator component
It has been discovered, that TYPO3 is susceptible to Cross-Site Scripting
SQL Injection in dbal
It has been discovered, that TYPO3 is susceptible to SQL Injection
TYPO3 CMS 6.2.18 and 7.6.3 released
The TYPO3 Community announces the versions 6.2.18 LTS and 7.6.3 LTS of the TYPO3 Enterprise Content Management System.
General Assembly 2016
The annual General Assembly of the TYPO3 Association will take part at the 6th of April 2016 13:00 pm in Essen in the Unperfekthaus.
TYPO3 Education & Certification - An Update on our Work
The TYPO3 Education Committee had its first sprint of the year in Hamburg, working on official training guides, certifications and pre-flights.
T3BOARD16 in Canada and Austria
T3BOARD16 in Canada – Whistler, 20.02.2016-29.02.2016 and Austria – Zillertal, 28.02.2016-06.03.2016